package cn.kgc.springboot.shiro;


import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;

/**
 * @author: hengge
 * @version: v1.0
 * @DATE: 2022/12/1
 * shiro的配置类
 */
@Configuration  //声明该类是配置类
public class shiroConfig {

    //1.创建ShiroFilter过滤器
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager defaultWebSecurityManager){
        //通过ShiroFilterFactoryBean工厂对象，获取securityManager
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);

        //设置为有顺序的map集合
        LinkedHashMap<String, String> map = new LinkedHashMap<>();
        //自定义资源的拦截(认证)和放行
        //放行static下的静态资源:css、extend、images、js、lib
        map.put("/css/**", "anon");
        map.put("/extend/**", "anon");
        map.put("/images/**", "anon");
        map.put("/js/**", "anon");
        map.put("/lib/**", "anon");

        //放行验证码
        map.put("/captcha/getCaptcha", "anon");
        //放行登录请求
        map.put("/user/login", "anon");

        //拦截所有的请求  --> authc为需要拦截的资源 anon放行资源 user:实现记住我的功能，将authc改为user
        //map.put("/**", "authc");
        map.put("/**", "user");
//        map.put("/**", "anon");

        //设置登录页
        shiroFilterFactoryBean.setLoginUrl("/login.html");
        //设置拦截路径(认证路径)
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
        return shiroFilterFactoryBean;
    }

    //2.创建web的安全管理器
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(Realm realm){
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();

        //创建CookieRememberMeManager对象（可ctrl+鼠标左键，点击进去查看）
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        SimpleCookie rm = new SimpleCookie("rm");
        rm.setMaxAge(60*60*24*7); //设置cookie的最大存活时间(有效时间)为7天
        rm.setHttpOnly(true);  //支持Http协议(为true支持)
        cookieRememberMeManager.setCookie(rm);  //将创建的Cookie赋给 cookieRememberMeManager
        defaultWebSecurityManager.setRememberMeManager(cookieRememberMeManager);

        //安全管理器设置realm对象
        defaultWebSecurityManager.setRealm(realm);
        return defaultWebSecurityManager;
    }

    //3.创建自定义realm
    @Bean
    public Realm realm(){
        //调用CustomerRealm对象，获取realm
        CustomerRealm customerRealm = new CustomerRealm();
        //设置凭证匹配器
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher("MD5");
        customerRealm.setCredentialsMatcher(hashedCredentialsMatcher);
        return customerRealm;

    }
}
